Subversion Repositories wimsdev

Rev

Rev 3840 | Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
10 reyssat 1 
/*    Copyright (C) 1998-2003 XIAO, Gang of Universite de Nice - Sophia Antipolis
2 
 *
3 
 *  This program is free software; you can redistribute it and/or modify
4 
 *  it under the terms of the GNU General Public License as published by
5 
 *  the Free Software Foundation; either version 2 of the License, or
6 
 *  (at your option) any later version.
7 
 *
8 
 *  This program is distributed in the hope that it will be useful,
9 
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
10 
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11 
 *  GNU General Public License for more details.
12 
 *
13 
 *  You should have received a copy of the GNU General Public License
14 
 *  along with this program; if not, write to the Free Software
15 
 *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
16 
 */
17 
 
18 
 /* This is a small program used simply to fetch web pages.
19 
  * No fancy functionalities such as link redirection or site sucking is
20 
  * present.
21 
  * Page fetched can only be sent to stdout. */
22 
 
23 
#include "../wims.h"
24 
#include <netdb.h>
25 
#include <sys/socket.h>
26 
#include <netinet/in.h>
27 
 
28 
char *cheater1="User-Agent: WIMS-webget";
29 
char *cheater2="Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*\r\n\
30 
Accept-Encoding: gzip\r\n\
31 
Accept-Language: en, fr, it, de, es\r\n\
32 
Accept-Charset: iso-8859-1,*,utf-8";
33 
char pbuf[4096], tbuf[4096];
34 
char tfname[1024];
35 
char *tmpdir="/tmp";
36 
int soc, port, https;
37 
int charcnt;
38 
FILE *outf;
39 
 
40 
void errorquit(char *msg)
41 
{
42 
    fprintf(stderr,"%s: %s\n",msg,strerror(errno)); exit(1);
43 
}
44 
 
45 
        /* Points to the end of the word */
46 
char *find_word_end(char *p)
47 
{
48 
    int i;
49 
    for(i=0;!isspace(*p) && *p!=0 && i<MAX_LINELEN; p++,i++);
50 
    return p;
51 
}
52 
 
53 
        /* Strips leading spaces */
54 
char *find_word_start(char *p)
55 
{
56 
    int i;
57 
    for(i=0; isspace(*p) && i<MAX_LINELEN; p++,i++);
58 
    return p;
59 
}
60 
 
61 
        /* Secured execution */
62 
void secure(char *host)
63 
{
64 
    char *p1, *p2, *p3, buf[MAX_LINELEN+1];
65 
    long int l;
66 
    FILE *f;
67 
 
68 
    p1=getenv("w_module"); if(p1==NULL || *p1==0) return;
69 
    p1=getenv("untrust"); if(p1==NULL || *p1==0) return;
70 
    f=fopen("webget.sites","r"); if(f==NULL) return;
71 
    l=fread(buf,1,MAX_LINELEN,f); fclose(f);
72 
    if(l<=0 || l>MAX_LINELEN) return;
73 
    buf[l]=0;
74 
    for(p1=find_word_start(buf);*p1;p1=find_word_start(p2)) {
75 
        p2=find_word_end(p1); if(*p2) *p2++=0;
76 
        p3=strstr(host,p1); if(p3==NULL) continue;
77 
        if((p3==host || *(p3-1)=='.') && *(p3+strlen(p1))==0) return;
78 
    }
79 
    exit(1);  /* unauthorized sites refused. */
80 
}
81 
 
82 
        /* open a TCP/IP socket with host/port
83 
         * returns the file descriptor for the socket */
84 
int net_connect(char *host)
85 
{
86 
    struct hostent *hp;
87 
    struct sockaddr_in sin;
88 
    int soc;
89 
 
90 
    secure(host);
91 
    if(!(hp = gethostbyname(host))) errorquit("unknown host.");
92 
    if((soc = socket(hp->h_addrtype,SOCK_STREAM,0))<0)
93 
      errorquit("socket() error");
94 
    memmove(&sin.sin_addr,hp->h_addr,hp->h_length);
95 
    sin.sin_port=htons(port);
96 
    sin.sin_family = hp->h_addrtype;
97 
    if(connect(soc,(struct sockaddr *)&sin,sizeof(sin))<0) {
98 
        close(soc); errorquit("connect() error");
99 
    }
100 
    return soc;
101 
}
102 
 
103 
int gethttps(char *host)
104 
{
105 
    char buf[65536];
106 
    char *tp;
107 
 
108 
    tp=getenv("tmp_dir"); if(tp!=NULL && *tp!=0) tmpdir=tp;    
109 
    snprintf(tfname,sizeof(tfname),"%s/https.tmp",tmpdir);
110 
    snprintf(buf,sizeof(buf),"\
111 
mkdir -p %s\n\
112 
openssl s_client -connect %s:%d -quiet 2>/dev/null >%s <<@\n\
113 
%s\n\
114 
@\n", tmpdir,host,port,tfname,tbuf);
115 
    system(buf);
116 
    return open(tfname,O_RDONLY);
117 
}
118 
 
119 
int main(int argc, char *argv[])
120 
{
121 
    char *parm, *pt, *p1, *p2, *p3, *p4, *dp, *pre;
122 
    char nbuf[4096], *pp1, *pp2;
123 
    char c;
124 
 
125 
    parm=getenv("wims_exec_parm");
126 
    if(parm==NULL || *parm==0) errorquit("no_parameter");
127 
    snprintf(pbuf,sizeof(pbuf),"%s",parm);
128 
    p1=find_word_start(pbuf); p2=find_word_end(p1);
129 
    if(*p2!=0) *p2++=0; https=0;
130 
    outf=stdout; pp1=getenv("w_webget_output");
131 
    pp2=getenv("session_dir");
132 
    if(pp1!=NULL && strstr(pp1,"..")==NULL && isalnum(*pp1) && pp2!=NULL) {
133 
        snprintf(nbuf,sizeof(nbuf),"%s/%s",pp2,pp1);
134 
        outf=fopen(nbuf,"w"); if(outf==NULL) outf=stdout;
135 
    }
136 
    dp=getenv("w_webget_option");
137 
    if(dp!=NULL && strstr(dp,"direct")!=NULL) { /* direct get */
138 
        p1=getenv("w_webget_host");
139 
        p2=getenv("w_webget_port");
140 
        if(p1==NULL || p2==NULL) errorquit("incomplete_request");
141 
        port=atoi(p2);
142 
        soc=net_connect(p1); if(soc==-1) return 1;
143 
        c=' '; for(p3=parm; *p3; p3++) {
144 
            if(*p3=='\n' && c!='\r') write(soc,"\r",1);
145 
            write(soc,p3,1); c=*p3;
146 
        }
147 
        write(soc,"\r\n\r\n",4);
148 
        pt=getenv("w_module");
149 
        if(pt==NULL || *pt==0 || strncmp(pt,"adm/",4)==0 ) {  /* File to post? */
150 
            pt=getenv("w_webget_post"); if(pt!=NULL && *pt!=0) {
151 
                FILE *f;
152 
                char buf[4096];
153 
                size_t l;
154 
                f=fopen(pt,"r"); if(f!=NULL) {
155 
                    do {
156 
                        l=fread(buf,1,sizeof(buf),f);
157 
                        if(l>0 && l<=sizeof(buf)) write(soc,buf,l);
158 
                    } while(l==sizeof(buf));
159 
                    fclose(f);
160 
                }
161 
            }
162 
        }
163 
        if(strstr(dp,"normalread")!=NULL) goto read;
164 
        charcnt=0;
165 
        while(read(soc,pbuf,1)>0 && charcnt<10240) {
166 
            fputc(pbuf[0],outf); charcnt++;
167 
        }
168 
        close(soc);
169 
        return 0;
170 
    }
171 
    if(strncasecmp(p1,"http://",strlen("http://"))==0) p1+=strlen("http://");
172 
    else if(strncasecmp(p1,"https://",strlen("https://"))==0) {
173 
        https=1; p1+=strlen("https://");
174 
    }
175 
    p3=strchr(p1,'/'); if(p3==NULL) p3="";
176 
    else {*p3++=0; while(*p3=='/') p3++;}
177 
    if(strncasecmp(p3,"http://",strlen("http://"))==0 ||
178 
       strncasecmp(p3,"https://",strlen("https://"))==0) pre="";
179 
    else pre="/";
180 
    snprintf(tbuf,sizeof(tbuf),"GET %s%s HTTP/1.0\r\n%s\r\n\
181 
Host: %s\r\n\
182 
%s\r\n\r\n",
183 
             pre,p3,cheater1,p1,cheater2);
184 
    p4=strchr(p1,':'); if(p4==NULL) {
185 
        if(https) port=443; else port=80;
186 
    }
187 
    else {*p4++=0; port=atoi(p4);}
188 
    if(https) {
189 
        soc=gethttps(p1); goto read;
190 
    }
191 
    soc=net_connect(p1);
192 
    write(soc,tbuf,strlen(tbuf));
193 
        /* header */
194 
    read: if(soc==-1) return 1;
195 
    c=-1;
196 
    while(read(soc,pbuf,1)>0) {
197 
        if(pbuf[0]=='\r') continue;
198 
        fputc(pbuf[0],stderr);
199 
        if((c=='\n') && (pbuf[0]=='\n')) break; else c=pbuf[0];
200 
    }
201 
        /* body */
202 
    charcnt=0;
203 
    while(read(soc,pbuf,1)>0 && charcnt<MAX_WEBGETFLEN) {
204 
        fputc(pbuf[0],outf); charcnt++;
205 
    }
206 
    close(soc);
207 
    if(outf!=stdout) fclose(outf);
208 
    if(https) unlink(tfname);
209 
    return 0;
210 
}
211